PHP PHP security vulnerabilities, CVEs, versions and CVE reports

A CVE Details database page listing PHP security vulnerabilities, CVEs, and version-specific exploit data. The page provides a breakdown of vulnerability types by year (2016–2025), including overflow, memory corruption, SQL injection, XSS, directory traversal, file inclusion, CSRF, XXE, SSRF, and input validation issues. Totals show 49 overflow and 69 memory corruption vulnerabilities as the most prevalent categories across all tracked versions of PHP.